index.js 2.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960
  1. /**
  2. * eslint-plugin-security - ESLint plugin for Node Security
  3. */
  4. 'use strict';
  5. module.exports = {
  6. rules: {
  7. 'detect-unsafe-regex': require('./rules/detect-unsafe-regex'),
  8. 'detect-non-literal-regexp': require('./rules/detect-non-literal-regexp'),
  9. 'detect-non-literal-require': require('./rules/detect-non-literal-require'),
  10. 'detect-non-literal-fs-filename': require('./rules/detect-non-literal-fs-filename'),
  11. 'detect-eval-with-expression': require('./rules/detect-eval-with-expression'),
  12. 'detect-pseudoRandomBytes': require('./rules/detect-pseudoRandomBytes'),
  13. 'detect-possible-timing-attacks': require('./rules/detect-possible-timing-attacks'),
  14. 'detect-no-csrf-before-method-override': require('./rules/detect-no-csrf-before-method-override'),
  15. 'detect-buffer-noassert': require('./rules/detect-buffer-noassert'),
  16. 'detect-child-process': require('./rules/detect-child-process'),
  17. 'detect-disable-mustache-escape': require('./rules/detect-disable-mustache-escape'),
  18. 'detect-object-injection': require('./rules/detect-object-injection'),
  19. 'detect-new-buffer': require('./rules/detect-new-buffer')
  20. },
  21. rulesConfig: {
  22. 'detect-unsafe-regex': 0,
  23. 'detect-non-literal-regexp': 0,
  24. 'detect-non-literal-require': 0,
  25. 'detect-non-literal-fs-filename': 0,
  26. 'detect-eval-with-expression': 0,
  27. 'detect-pseudoRandomBytes': 0,
  28. 'detect-possible-timing-attacks': 0,
  29. 'detect-no-csrf-before-method-override': 0,
  30. 'detect-buffer-noassert': 0,
  31. 'detect-child-process': 0,
  32. 'detect-disable-mustache-escape': 0,
  33. 'detect-object-injection': 0,
  34. 'detect-new-buffer': 0
  35. },
  36. configs: {
  37. recommended: {
  38. plugins: [
  39. 'security'
  40. ],
  41. rules: {
  42. 'security/detect-buffer-noassert': 'warn',
  43. 'security/detect-child-process': 'warn',
  44. 'security/detect-disable-mustache-escape': 'warn',
  45. 'security/detect-eval-with-expression': 'warn',
  46. 'security/detect-new-buffer': 'warn',
  47. 'security/detect-no-csrf-before-method-override': 'warn',
  48. 'security/detect-non-literal-fs-filename': 'warn',
  49. 'security/detect-non-literal-regexp': 'warn',
  50. 'security/detect-non-literal-require': 'warn',
  51. 'security/detect-object-injection': 'warn',
  52. 'security/detect-possible-timing-attacks': 'warn',
  53. 'security/detect-pseudoRandomBytes': 'warn',
  54. 'security/detect-unsafe-regex': 'warn'
  55. }
  56. }
  57. }
  58. };